How does fail2ban 0.9 database storage actually works?
- by Arantir
Fail2ban 0.9 introduce database storage to save bans on restart. But I can't find out the actual mechanism of it work.
There is dbpurgeage parameter which controls lifetime of old bans, defaults to 24 hours. As I see from code research, fail2ban saves a ban to the db with timeofban equals to the moment of ban being saved. Then every dbpurgeage period it removes all bans with timeofban < MyTime.time() - self._purgeAge, in other words removes all bans have been stored more than 24 hours ago.
But what if an IP was banned for the month? Does all this mean that with dbpurgeage = 86400 after restart in 24 hours I will lost all bans longer than 24 hours?
I just want that all my permanent bans will be preserved in any case.